Skip to content
Permalink
Browse files

Merge remote-tracking branch 'upstream/master'

  • Loading branch information...
JohannesKleine committed Aug 9, 2019
2 parents 60ecd40 + 7e94e32 commit c2bf150796a356d7a304304ed2f45e33ad284712
Showing with 1,790 additions and 1,227 deletions.
  1. +2 −0 .gitlab-ci.yml
  2. +1,307 −820 CHANGELOG.rst
  3. +16 −21 Dockerfile
  4. +3 −1 README.md
  5. +0 −4 ansible/playbooks/service/gitlab.yml
  6. +8 −3 ansible/roles/debops.dokuwiki/defaults/main.yml
  7. +5 −0 ansible/roles/debops.dokuwiki/tasks/main.yml
  8. +4 −1 ansible/roles/debops.etherpad/defaults/main.yml
  9. +1 −1 ansible/roles/debops.etherpad/meta/watch-etherpad-lite
  10. +4 −2 ansible/roles/debops.gitlab/tasks/configure_gitlab_ce.yml
  11. +6 −1 ansible/roles/debops.keyring/tasks/main.yml
  12. +6 −5 ansible/roles/debops.lvm/tasks/manage_lvm.yml
  13. +22 −5 ansible/roles/debops.lxc/tasks/main.yml
  14. +3 −3 ansible/roles/debops.nodejs/COPYRIGHT
  15. +89 −139 ansible/roles/debops.nodejs/defaults/main.yml
  16. +5 −7 ansible/roles/debops.nodejs/meta/main.yml
  17. +22 −34 ansible/roles/debops.nodejs/tasks/main.yml
  18. +78 −13 ansible/roles/debops.nodejs/templates/etc/ansible/facts.d/nodejs.fact.j2
  19. +1 −1 ansible/roles/debops.redis_server/templates/etc/systemd/system/redis-server@.service.j2
  20. +3 −0 ansible/roles/debops.rstudio_server/meta/watch-rstudio
  21. +4 −7 ansible/roles/debops.sysctl/defaults/main.yml
  22. +0 −1 bin/debops-init
  23. +2 −1 docs/ansible/roles/debops.lxc/getting-started.rst
  24. +0 −4 docs/ansible/roles/debops.nodejs/copyright.rst
  25. +14 −25 docs/ansible/roles/debops.nodejs/getting-started.rst
  26. +23 −2 docs/ansible/roles/debops.nodejs/index.rst
  27. +0 −22 docs/ansible/roles/debops.nodejs/introduction.rst
  28. +31 −14 docs/debops-tools/scripts/debops-update.rst
  29. +1 −1 docs/introduction/getting-started.rst
  30. +1 −8 docs/introduction/quick-start.rst
  31. +94 −67 docs/news/releases.rst
  32. +25 −2 docs/news/upgrades.rst
  33. +6 −8 lib/docker/docker-entrypoint
  34. +4 −4 setup.py
@@ -1242,6 +1242,8 @@ stages:
'rstudio_server role':
<<: *test_role_3rd_deps
variables:
# Needed due to old libssl dependency of rstudio-server package
BASE_VAGRANT_BOX: 'debian/stretch64'
JANE_TEST_PLAY: '${DEBOPS_PLAYBOOKS}/service/rstudio_server.yml'
JANE_INVENTORY_GROUPS: 'debops_service_rstudio_server'
JANE_DIFF_PATTERN: '.*/debops.rstudio_server/.*'

Large diffs are not rendered by default.

@@ -1,7 +1,7 @@
# Set up an Ansible Controller with DebOps support as a Docker container
#
# Copyright (C) 2017 Maciej Delmanowski <drybjed@gmail.com>
# Copyright (C) 2017 DebOps project https://debops.org/
# Copyright (C) 2017-2019 Maciej Delmanowski <drybjed@gmail.com>
# Copyright (C) 2017-2019 DebOps project https://debops.org/


# Basic usage:
@@ -10,40 +10,31 @@
# docker run --name <container> -h controller.example.org -i -t debops
#
# cd src/controller
# debops --skip-tags role::ferm,role::sysctl,role::sshd,role::root_account,role::etc_services
#
# These roles currently have issues when executed against a Docker container:
# - debops.etc_services - destroys '/etc/services' file
# - debops.ferm - cannot configure sysctl
# - debops.sshd - daemon cannot be restarted
# - debops.sysctl - cannot configure sysctl
# - debops.root_account - cannot reconfigure root account
# debops common --diff


FROM debian:stretch-slim
FROM debian:buster-slim

LABEL maintainer="Maciej Delmanowski <drybjed@gmail.com>" \
project="DebOps" homepage="https://debops.org/"

ENV DOCKER_ENVIRONMENT true

RUN apt-get -q update \
&& DEBIAN_FRONTEND=noninteractive apt-get \
--no-install-recommends -yq install \
iproute2 \
levee \
openssh-client \
python-apt \
python-dnspython \
python-future \
python-ldap \
python-pip \
python-wheel \
python-setuptools \
python3-apt \
python3-dnspython \
python3-future \
python3-ldap \
python3-pip \
python3-wheel \
python3-setuptools \
procps \
sudo \
tree \
&& pip install \
&& pip3 install \
debops[ansible] \
&& echo "Cleaning up cache directories..." \
&& rm -rf /var/lib/apt/lists/* /var/cache/apt/archives/*.deb /root/.cache/*
@@ -58,6 +49,10 @@ RUN groupadd --system admins \
USER ansible
WORKDIR /home/ansible

# Docker does not set expected environment variables by default
# Ref: https://stackoverflow.com/questions/54411218/
ENV USER ansible

# Add contents of the DebOps monorepo to the container
COPY . .local/share/debops/debops

@@ -43,14 +43,16 @@ page][debops-docs].
## Quick start

Start a Docker container which acts as an Ansible Controller host with DebOps
support, based on Debian Stretch:
support, based on Debian Buster:

docker run -it --rm debops/debops
cd src/controller ; debops common --diff

Or, create a Vagrant VM which acts as an Ansible Controller host:

git clone https://github.com/debops/debops
cd debops && vagrant up && vagrant ssh
cd src/controller ; debops common --diff

You can use configuration in the `src/controller` subdirectory to try out
DebOps against the container/VM, or create your own DebOps project directory
@@ -17,8 +17,6 @@
- '{{ nodejs__keyring__dependent_apt_keys }}'
- '{{ postgresql__keyring__dependent_apt_keys }}'
- '{{ nginx__keyring__dependent_apt_keys }}'
nodejs__upstream: True
nodejs__yarn_upstream: True

- role: debops.gitlab/env
tags: [ 'role::gitlab', 'role::postgresql' ]
@@ -52,8 +50,6 @@

- role: debops.nodejs
tags: [ 'role::nodejs', 'skip::nodejs' ]
nodejs__upstream: True
nodejs__yarn_upstream: True

- role: debops.etc_services
tags: [ 'role::etc_services', 'skip::etc_services' ]
@@ -13,16 +13,16 @@
# Basic configuration options [[[
# -------------------------------

# .. envvar:: dokuwiki__main_domain [[[
# .. envvar:: dokuwiki__fqdn [[[
#
# Default domain which will be used to host the "main" wiki instance.
dokuwiki__main_domain: 'wiki.{{ ansible_domain }}'
dokuwiki__fqdn: 'wiki.{{ ansible_domain }}'

# ]]]
# .. envvar:: dokuwiki__domains [[[
#
# List of domains on which DokuWiki is configured in nginx.
dokuwiki__domains: '{{ [ dokuwiki__main_domain ] +
dokuwiki__domains: '{{ [ dokuwiki__fqdn ] +
dokuwiki__farm_animals|d([]) }}'

# ]]]
@@ -179,8 +179,13 @@ dokuwiki__plugins_syntax:
- repo: 'https://github.com/cosmocode/dig.git'
dest: 'dig'

# This plugin has been replaced by 'switchpanel' plugin
- repo: 'https://github.com/grantemsley/dokuwiki-plugin-patchpanel.git'
dest: 'patchpanel'
state: 'absent'

- repo: 'https://github.com/GreenItSolutions/dokuwiki-plugin-switchpanel.git'
dest: 'switchpanel'

- repo: 'https://github.com/ashrafhasson/dokuwiki-plugin-advrack.git'
dest: 'advrack'
@@ -46,6 +46,7 @@
become: True
become_user: '{{ dokuwiki__user }}'
register: dokuwiki__register_source
until: dokuwiki__register_source is succeeded

- name: Create DokuWiki checkout directory
file:
@@ -115,6 +116,8 @@
with_flattened:
- '{{ dokuwiki__default_plugins }}'
- '{{ dokuwiki__plugins }}'
register: dokuwiki__register_git_plugins
until: dokuwiki__register_git_plugins is succeeded
when: (dokuwiki__plugins_enabled|bool and
(item.repo|d() and item.repo) and (item.dest|d() and item.dest) and
(item.state is undefined or (item.state|d() and item.state != 'absent')))
@@ -140,6 +143,8 @@
with_flattened:
- '{{ dokuwiki__default_templates }}'
- '{{ dokuwiki__templates }}'
register: dokuwiki__register_git_templates
until: dokuwiki__register_git_templates is succeeded
when: (dokuwiki__plugins_enabled|bool and
(item.repo|d() and item.repo) and (item.dest|d() and item.dest) and
(item.state is undefined or (item.state|d() and item.state != 'absent')))
@@ -92,7 +92,10 @@ etherpad_log_dir: '{{ (ansible_local.root.log
# .. envvar:: etherpad_version [[[
#
# Etherpad git version to install.
etherpad_version: 'develop'
etherpad_version: '{{ "1.7.0"
if (ansible_local|d() and ansible_local.nodejs|d() and
(ansible_local.nodejs.npm_version|d()) is version("6.4.0", "<"))
else "1.7.5" }}'

# ]]]
# .. envvar:: etherpad_source_address [[[
@@ -1,6 +1,6 @@
# Role: debops.etherpad
# Package: etherpad-lite
# Version: develop
# Version: 1.7.5

version=4
https://github.com/ether/etherpad-lite/tags .*/v?(\d\S+)\.tar\.gz
@@ -195,11 +195,13 @@
# The RubyGems.org website has frequent timeouts, so we will try and install
# everything again as long as there are errors.
- name: Update Ruby gems
shell: bundle install --deployment
shell: set -o nounset -o pipefail -o errexit &&
bundle install --deployment
--without {{ gitlab_ce_bundle_install_without[gitlab__database] }}
--retry 9999 >> /tmp/gitlab-bundle-install.log 2>&1 ;
--retry 9999 >> /tmp/gitlab-bundle-install.log 2>&1 &&
rm -f /tmp/gitlab-bundle-install.log
args:
executable: 'bash'
chdir: '{{ gitlab_ce_git_checkout }}'
become: True
become_user: '{{ gitlab_user }}'
@@ -90,6 +90,10 @@
when: keyring__enabled|bool and (item.create_user|d(True))|bool and
item.user|d() and item.state|d('present') not in [ 'absent', 'ignore' ]

- name: Gather information about existing UNIX accounts
getent:
database: 'passwd'

# In some cases 'apt-key' command refuses to work complaining that it has to
# be run by root. This task should handle these cases gracefully.
- name: Import specified GPG keys to account keyring
@@ -125,6 +129,7 @@
loop: '{{ q("flattened", (keyring__dependent_gpg_keys)) }}'
register: keyring__register_gpg_key
until: keyring__register_gpg_key.rc == 0
when: keyring__enabled|bool and (item.id|d() or item is string)
when: (keyring__enabled|bool and (item.id|d() or item is string) and
(item.user | d(keyring__dependent_gpg_user if keyring__dependent_gpg_user|d() else "root")) in getent_passwd.keys())
changed_when: '("Adding key..." in keyring__register_gpg_key.stdout_lines) or
("Removing key..." in keyring__register_gpg_key.stdout_lines)'
@@ -42,11 +42,12 @@

- name: Manage LVM Logical Volumes
lvol:
lv: '{{ item.lv }}'
vg: '{{ item.vg }}'
size: '{{ item.size }}'
force: '{{ item.force | d(omit) }}'
state: 'present'
lv: '{{ item.lv }}'
vg: '{{ item.vg }}'
size: '{{ item.size }}'
force: '{{ item.force | d(omit) }}'
shrink: '{{ item.force | d(False) }}'
state: 'present'
with_items: '{{ lvm__logical_volumes }}'
when: lvm__logical_volumes|d(False) and
item.vg|d() and item.lv|d() and item.size|d() and
@@ -60,18 +60,34 @@
group: 'root'
mode: '0755'

- name: Remove systemd service overrides
file:
path: '{{ item.name | d(item) }}'
state: 'absent'
loop:
- name: '/etc/systemd/system/lxc@.service.d/poweroff.conf'
state: '{{ "present"
if (lxc__version is version("2.1.0", "<"))
else "absent" }}'
register: lxc__register_systemd_overrides_remove
when: item.state|d('present') == 'absent'

- name: Install systemd service overrides
template:
src: '{{ item }}.j2'
dest: '/{{ item }}'
src: '{{ item.name | d(item) }}.j2'
dest: '/{{ item.name | d(item) }}'
owner: 'root'
group: 'root'
mode: '0644'
loop:
- 'etc/systemd/system/lxc.service.d/exec-override.conf'
- 'etc/systemd/system/lxc@.service.d/poweroff.conf'
- 'etc/systemd/system/lxc@.service.d/partof.conf'
register: lxc__register_systemd_overrides
- name: 'etc/systemd/system/lxc@.service.d/poweroff.conf'
state: '{{ "present"
if (lxc__version is version("2.1.0", "<"))
else "absent" }}'
register: lxc__register_systemd_overrides_create
when: item.state|d('present') != 'absent'

- name: Disable internal network when requested
systemd:
@@ -157,7 +173,8 @@
lxc__register_net_config|d({}) is changed or
lxc__register_net_dnsmasq|d({}) is changed or
lxc__register_net_systemd|d({}) is changed or
lxc__register_systemd_overrides|d({}) is changed))
lxc__register_systemd_overrides_create|d({}) is changed or
lxc__register_systemd_overrides_remove|d({}) is changed))
tags: [ 'role::lxc:net', 'role::lxc:dnsmasq' ]

- name: Remove LXC configuration if requested
@@ -1,8 +1,8 @@
debops.nodejs - Manage NodeJS environment using Ansible

Copyright (C) 2015-2018 Maciej Delmanowski <drybjed@gmail.com>
Copyright (C) 2016 Patrick Heeney <patrickheeney@gmail.com>
Copyright (C) 2015-2018 DebOps https://debops.org/
Copyright (C) 2015-2019 Maciej Delmanowski <drybjed@gmail.com>
Copyright (C) 2016 Patrick Heeney <patrickheeney@gmail.com>
Copyright (C) 2015-2019 DebOps https://debops.org/

This Ansible role is part of DebOps.

0 comments on commit c2bf150

Please sign in to comment.
You can’t perform that action at this time.